$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2889/hJz5LdhiOsqt12WWT5e0c3aYEcA.roa File: hJz5LdhiOsqt12WWT5e0c3aYEcA.roa (raw, json) Hash identifier: KIr5USklAiNmbRLosFNV8sMI1ZGJ2Otj8qjcNpY8H7o= Subject key identifier: 84:9C:F9:2D:D8:62:3A:CA:AD:D7:65:96:4F:97:B4:73:76:98:11:C0 Certificate issuer: /CN=A93A86712684A72E5DF41F00AFA04C5F01A97735 Certificate serial: 206B Authority key identifier: A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/hJz5LdhiOsqt12WWT5e0c3aYEcA.roa Signing time: Sat 13 Sep 2025 03:09:25 +0000 ROA not before: Sat 13 Sep 2025 03:09:25 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139021 IP address blocks: 43.250.116.0/22 maxlen: 24 103.108.192.0/22 maxlen: 24 103.235.184.0/22 maxlen: 24 150.242.224.0/22 maxlen: 24 219.234.0.0/21 maxlen: 24 219.234.8.0/21 maxlen: 24 219.234.16.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8299 (0x206b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A93A86712684A72E5DF41F00AFA04C5F01A97735 Validity Not Before: Sep 13 03:09:25 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=849CF92DD8623ACAADD765964F97B473769811C0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:e7:59:b3:bd:68:21:64:55:8e:ab:7a:86:4a: f1:c1:1d:69:6c:18:2f:21:fc:2d:cd:ca:9f:df:70: f1:82:d6:2d:0f:1b:5a:ed:df:52:ac:ce:98:b2:85: 5b:d9:ba:84:8c:e5:52:b1:2a:49:a9:d9:2d:49:8a: 23:47:70:03:30:f8:03:e9:24:49:dc:2e:04:80:0a: d7:a6:c5:2f:8b:e8:dd:30:f4:e5:b5:68:f1:b2:b8: 64:50:98:a4:ac:31:42:dc:f9:d7:84:5b:6d:19:6a: e4:27:fb:25:c5:47:4e:41:e9:4c:4a:ff:97:54:9b: 82:2a:60:c9:48:ef:a6:af:5b:a6:05:18:a6:cf:f4: d3:12:f1:63:fa:b0:c6:85:e9:db:82:92:64:b3:50: 5d:c9:36:51:7d:3e:d7:94:39:a1:e1:aa:67:7b:27: d6:2f:56:d2:3f:6d:2d:55:e9:d4:e8:72:0a:3a:32: 61:8f:39:63:32:5c:5f:2e:78:52:bd:7b:7e:80:fd: 8f:81:e3:fd:fe:f6:db:0a:3b:38:b7:83:17:23:27: 3c:61:b5:ed:e1:f9:84:98:0d:8f:44:2e:c3:58:a5: 79:3f:d8:3b:c9:64:49:72:72:b8:1c:3b:c0:e4:d6: 66:cc:bd:41:2d:70:e2:a6:06:48:e3:31:32:b4:b5: 52:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:9C:F9:2D:D8:62:3A:CA:AD:D7:65:96:4F:97:B4:73:76:98:11:C0 X509v3 Authority Key Identifier: keyid:A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/hJz5LdhiOsqt12WWT5e0c3aYEcA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.250.116.0/22 103.108.192.0/22 103.235.184.0/22 150.242.224.0/22 219.234.0.0/19 Signature Algorithm: sha256WithRSAEncryption a3:f3:08:e6:4a:4c:ba:d8:9c:9d:50:77:6e:a1:4d:b1:6d:e3: 8f:57:77:80:c4:72:4a:3c:d6:2a:4d:4a:f5:57:23:48:17:2d: 94:aa:fb:bf:d2:d6:ac:f0:57:51:f9:73:07:d2:c6:80:ec:bf: 21:7a:26:df:d9:80:95:3e:97:fd:1a:7e:1f:f5:4f:35:af:58: 0c:2b:ad:25:d5:62:d4:8a:69:79:3a:97:2c:fe:51:7b:a8:1d: 4e:93:80:de:ff:19:ff:1d:9a:c9:45:f8:de:2f:c7:f9:60:fe: e9:42:13:5e:93:56:a6:1d:0d:db:f4:f5:16:3b:02:09:f8:99: 58:6e:f8:b2:2b:4e:17:28:0f:9c:24:cd:2e:a4:19:e5:d3:20: 95:ea:17:9a:7a:5f:8c:d4:ea:22:c7:ae:a6:97:b3:de:9d:2f: 2f:7d:4a:6b:7e:24:f0:85:13:8b:32:8c:66:49:e9:81:d8:72: 59:8c:ae:e1:ca:ee:1b:73:0a:da:75:6d:58:86:e2:ce:d4:3b: 2f:bd:f7:46:f6:e0:12:46:78:57:e6:54:72:98:a9:66:67:a4: 72:1c:2c:15:25:64:c8:14:cc:1a:ac:b3:d0:ef:f3:26:26:eb: 0d:90:ed:4d:2b:a1:ff:03:0b:b5:b0:a9:62:1d:b1:75:e8:4c: 66:09:36:03 -----BEGIN CERTIFICATE----- MIIE7zCCA9egAwIBAgICIGswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTkz QTg2NzEyNjg0QTcyRTVERjQxRjAwQUZBMDRDNUYwMUE5NzczNTAeFw0yNTA5MTMw MzA5MjVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDg0OUNGOTJERDg2MjNB Q0FBREQ3NjU5NjRGOTdCNDczNzY5ODExQzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDm51mzvWghZFWOq3qGSvHBHWlsGC8h/C3Nyp/fcPGC1i0PG1rt 31KszpiyhVvZuoSM5VKxKkmp2S1JiiNHcAMw+APpJEncLgSACtemxS+L6N0w9OW1 aPGyuGRQmKSsMULc+deEW20ZauQn+yXFR05B6UxK/5dUm4IqYMlI76avW6YFGKbP 9NMS8WP6sMaF6duCkmSzUF3JNlF9PteUOaHhqmd7J9YvVtI/bS1V6dTocgo6MmGP OWMyXF8ueFK9e36A/Y+B4/3+9tsKOzi3gxcjJzxhte3h+YSYDY9ELsNYpXk/2DvJ ZElycrgcO8Dk1mbMvUEtcOKmBkjjMTK0tVLHAgMBAAGjggILMIICBzAdBgNVHQ4E FgQUhJz5LdhiOsqt12WWT5e0c3aYEcAwHwYDVR0jBBgwFoAUqTqGcSaEpy5d9B8A r6BMXwGpdzUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg4 OS9xVHFHY1NhRXB5NWQ5QjhBcjZCTVh3R3BkelUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3FUcUdjU2FFcHk1ZDlCOEFyNkJNWHdHcGR6VS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4ODkvaEp6NUxkaGlPc3F0 MTJXV1Q1ZTBjM2FZRWNBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEw HgMEAiv6dAMEAmdswAMEAmfruAMEApby4AMEBdvqADANBgkqhkiG9w0BAQsFAAOC AQEAo/MI5kpMuticnVB3bqFNsW3jj1d3gMRySjzWKk1K9VcjSBctlKr7v9LWrPBX UflzB9LGgOy/IXom39mAlT6X/Rp+H/VPNa9YDCutJdVi1IppeTqXLP5Re6gdTpOA 3v8Z/x2ayUX43i/H+WD+6UITXpNWph0N2/T1FjsCCfiZWG74sitOFygPnCTNLqQZ 5dMgleoXmnpfjNTqIseuppez3p0vL31Ka34k8IUTizKMZknpgdhyWYyu4cruG3MK 2nVtWIbiztQ7L733RvbgEkZ4V+ZUcpipZmekchwsFSVkyBTMGqyz0O/zJibrDZDt TSuh/wMLtbCpYh2xdehMZgk2Aw== -----END CERTIFICATE-----Generated at Mon Oct 20 05:45:58 2025 by rpki-client